Web-section is shown to any project admin instead to admin only

Jira Development Jira Server
1

Hey there,

currently, I’m working on a plugin that is integrated into the jira UI named version manager.
The problem is, that the web-section which opens the plugin page is shown to any project-admin instead of “real” admins only.
If a project admin user clicks on the plugin-section, he is asked to sign in as an admin.
What I need is that the web-section of the plugin is only shown to admins.
Note: A normal user is not able to see the web-section at all.

<web-section key="admin_handler_config_section" location="system.admin.top.navigation.bar" roles-required="admin"> <label key="Version Manager"/> </web-section>

How a real admin sees the web-section "Version Manager"
3

How any project admin sees the web-section and what happens when he clicks on it
1

2
2922×630 52.1 KB

2

Use a Condition Element on the Web-Item instead of the roles-required attribute on the Web-Section element.

1 Like
3

Thanks for the answer!
But it doesn’t fix the problem. The web-section is still shown to any project-admins like I explained before.

<web-item key="AddGlobalVersion" name="admin_version_manager_section" section="admin_handler_config_section/admin_version_manager_section"> 
    <label key="Add new version"/>  
    <condition class="com.atlassian.jira.plugin.webfragment.conditions.JiraGlobalPermissionCondition">
        <param name="permission">admin</param>
    </condition>
    <link linkId="handler.plugin.configuration.link" key="plugin-configuration">/secure/VersionManagerWebworkAction.jspa</link> 
</web-item>

Any other recomondations? :slight_smile:

4

Try using SYSTEM_ADMIN or sysadmin to the GlobalPermissionCondition. That will require people to be SysAdmin. You might need to add in ADMINSTER as well…

(This is why I always end up writing my own condition).

1 Like
5

Hi, I am not server dev buuuuuuut… I had similar issue with this on cloud and it turned out that they have more than one role for admins… So I don’t know if it is the same on server, it would be logical that it is…
This was my response when I expanded applicationRoles for my profile:

"groups": {
"size": 7,
"items": [
{
"name": "administrators",
},
{
"name": "confluence-users",
},
{
"name": "jira-administrators",
},
{
"name": "jira-core-users",
},
{
"name": "jira-servicedesk-users",
},
{
"name": "jira-software-users",
},
{
"name": "site-admins",
}
]
}

as @danielwester said, i think you need site-admin permissions here… :slight_smile:

1 Like
6

Yes, I don’t think I’ve ever used any of the built in conditions. Always write my own.

1 Like
7

I couldn’t get the conditions to work as I wanted… that’s why I found a workaround:

I integrated the section into “Add-ons” because only admins can navigate there anyway.

atlassian.plugin.xml

...
<web-section  key="version_manager_section"
  				name="version_manager_section"
  				location="admin_plugins_menu"
  				weight="20">
  	<label key="version-manager-plugin.admin.page.web.section.name"/> 		
</web-section>

<web-item key="AddGlobalVersion" name="admin_version_manager_section" section="admin_plugins_menu/version_manager_section"> 
    <label key="Add new version"/>  
    <link linkId="handler.plugin.configuration.link" key="plugin-configuration">/secure/VersionManagerWebworkAction.jspa</link> 
</web-item> 
...